CVE-2026-26030

Name of the Vulnerable Software and Affected Versions Semantic Kernel Python SDK versions prior to 1.39.4

Description A remote code execution issue exists within the InMemoryVectorStore filter functionality. The flaw occurs in the InMemoryCollection. parse and validate filter function, where a specially crafted filter str can access Python object internals, such as globals, allowing an attacker to escalate a prompt injection into arbitrary code execution.

Recommendations Update Semantic Kernel Python SDK to version 1.39.4 or later. As a temporary workaround, avoid using InMemoryVectorStore for production scenarios.